Terminal authenticating method, apparatus, and system

ABSTRACT

Embodiments of the present invention disclose a terminal authenticating method, including: receiving, by a UE-to-network relay UE-R, a first request message sent by user equipment UE; sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE; receiving, by the UE-R, an authentication request message sent by the control network element, and determining whether the authentication request message is for authenticating on the UE; if the authentication request message is for authenticating on the UE, sending, by the UE-R, an authentication request message to the UE; and receiving, by the UE-R, an authentication response message sent by the UE according to the authentication request message, and sending the authentication response message to the control network element.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No. 15/197,381, filed on Jun. 29, 2016, which is a continuation of International Application No. PCT/CN2014/080713, filed on Jun. 25, 2014, which claims priority to Chinese Patent Application No. 201310753800.6, filed on Dec. 31, 2013. All of the afore-mentioned patent applications are hereby incorporated by reference in their entireties.

TECHNICAL FIELD

The present invention relates to the field of communications technologies, and in particular, to a terminal authenticating method, apparatus, and system.

BACKGROUND

A short-distance communication service (Proximity Service, ProSe) technology is mainly: establishing a secure communications channel between two user terminals (User Equipment, UE) that are at a relatively short distance from each other, so that data can be securely exchanged when the two UEs perform end-to-end data transmission. The ProSe technology mainly includes two parts: ProSe Discovery and ProSe Communication. In a ProSe Discovery phase, the foregoing two UEs need to detect each other by using an evolved universal terrestrial radio access network (Evolved Universal Terrestrial Radio Access Network, E-UTRAN) or another non-network node technology to implement authentication on identities of both parties. In a ProSe Communication phase, the foregoing two UEs need to establish a secure communications channel by using the E-UTRAN or the other non-network node technology, and secure data communication may be performed after the secure communications channel is established. In specific application of the ProSe technology, UE may access an evolved packet core network (Evolved Packet Core, EPC) by using a UE-to-network relay (UE-to-Network Relay, UE-R). In some specific application scenarios, the UE may not be covered by an EPC network signal, but the UE-R is covered by an EPC network signal. In this case, the UE may access the EPC network by using the UE-R. In the foregoing scenario, the UE may access the EPC network by using the UE-R, and there may be a security threat that unauthorized UE accesses the network during access to the EPC network by UE. Therefore, a corresponding safety measure is required to prevent the unauthorized UE from accessing the network.

In the prior art, an Authentication, Authorization and Accounting (Authentication, Authorization and Accounting, AAA) server (a home subscriber server) and the UE-R are used to complete authentication between remote UE and a network by using an Extensible Authentication Protocol-Authentication and Key Agreement (Extensible Authentication Protocol-Authentication and Key Agreement, EAP-AKA) authentication protocol. In the prior art, the EAP-AKA protocol is used to perform authentication on the UE, and therefore the UE needs to support evolved packet system (Evolved Packet System, EPS) AKA authentication and further needs to support EAP-AKA authentication, which increases complexity and costs of a terminal (that is, the UE), and imposes relatively great impact on an existing protocol. The UE-R also requires a new protocol stack to carry the Radius protocol or the Diameter protocol, which increases complexity and costs of the UE-R. In addition, in the prior art, using the AAA server and the UE-R to complete authentication between the remote UE and the network based on the EAP-AKA authentication protocol requires a large message procedure, resulting in low efficiency in authenticating the UE and a poor user experience effect.

SUMMARY

Embodiments of the present invention provide a terminal authenticating method, apparatus, and system. EPS AKA authentication can be used, to complete authentication on UE that accesses a network by using a UE-R. Operations are simple, complexity and costs of a terminal are reduced, and efficiency in authenticating the UE and user experience are improved.

A first aspect of the embodiments of the present invention provides a terminal authenticating method, where the method may include:

receiving, by a UE-to-network relay UE-R, a first request message sent by user equipment UE;

sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE, so that the control network element sends an authentication data request message to a home subscriber server HSS according to the second request message, where the authentication data request message carries identification information for authenticating on the UE;

receiving, by the UE-R, an authentication request message sent by the control network element, and determining whether the authentication request message is for authenticating on the UE;

if the authentication request message is for authenticating on the UE, sending, by the UE-R, an authentication request message to the UE, where the authentication request message includes an authentication parameter of the UE; and

receiving, by the UE-R, an authentication response message sent by the UE according to the authentication request message, and sending the authentication response message to the control network element, so as to complete authentication on the UE by using the control network element.

With reference to the first aspect, in a first possible implementation manner, the first request message sent by the UE includes the identification information for authenticating on the UE; and

the sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE includes:

adding, by the UE-R to the second request message, the identification information for authenticating on the UE that is carried in the first request message, and sending the second request message to the control network element.

With reference to the first aspect or the first possible implementation manner of the first aspect, in a second possible implementation manner, the first request message sent by the UE does not include the identification information for authenticating on the UE; and

the sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE includes:

adding, by the UE-R, the identification information for authenticating on the UE to the second request message, and sending the second request message to the control network element.

With reference to any one of the first aspect to the second possible implementation manner of the first aspect, in a third possible implementation manner, the authentication request message sent by the control network element includes authentication identification information that is for authenticating on the UE and is set by the HSS according to the identification information for authenticating on the UE; and

the determining whether the authentication request message is for authenticating on the UE includes:

determining whether the authentication request message includes the authentication identification information; and

if the authentication request message includes the authentication identification information, determining that the authentication request message is for authenticating on the UE.

A second aspect of the embodiments of the present invention provides a terminal authenticating method, where the method may include:

receiving, by an HSS, an authentication data request message sent by a control network element, and determining, according to the authentication data request message, whether the authentication data request message includes identification information for authenticating on UE;

if the authentication data request message includes the identification information for authenticating on the UE, setting, by the HSS, in an authentication vector, authentication identification information for authenticating on the UE; and

sending, by the HSS, the authentication vector to the control network element so as to send the authentication identification information to a UE-R by using the control network element, so that the UE-R determines, according to the authentication identification information, whether to perform authentication on the UE.

With reference to the second aspect, in a first possible implementation manner, the authentication vector includes a RAND parameter, an AUTN parameter, an XRES parameter, and a Kasme parameter; and

the setting, by the HSS in an authentication vector, authentication identification information for authenticating on the UE includes:

setting, by the HSS, the authentication identification information in an authentication management field AMF parameter in the AUTN parameter in the authentication vector.

With reference to the second aspect or the first possible implementation manner of the second aspect, in a second possible implementation manner, the authentication vector includes a RAND parameter, an AUTN parameter, an XRES parameter, and a Kasme parameter; and

the setting, by the HSS in an authentication vector, authentication identification information for authenticating on the UE further includes:

encrypting, by the HSS, the RAND parameter in the authentication vector; and

setting, by the HSS, the authentication identification information in an AMF parameter in the AUTN parameter in the authentication vector.

A third aspect of the embodiments of the present invention provides a terminal authenticating method, where the method may include:

sending, by UE, a first request message to a UE-R, so that the UE-R sends a second request message to a control network element according to the first request message;

receiving, by the UE, an authentication request message sent by the UE-R, where the authentication request message carries authentication identification information for authenticating on the UE;

decrypting, by the UE, encrypted information in the authentication identification information, and computing an authentication response according to information obtained by the decryption; and

sending, by the UE, the authentication response to the UE-R, so as to send the authentication response to the control network element by using the UE-R, for performing authentication on the UE.

With reference to the third aspect, in a first possible implementation manner, the first request message sent by the UE to the UE-R includes identification information for authenticating on the UE.

A fourth aspect of the embodiments of the present invention provides a terminal authenticating method, where the method may include:

receiving, by a control network element, a second request message sent by a UE-R, and determining whether the second request message includes identification information for authenticating on UE;

if the second request message includes the identification information for authenticating on the UE, sending, by the control network element, an authentication data request message to an HSS, where the authentication data request message carries the identification information for authenticating on the UE;

acquiring, by the control network element, from the HSS, an authentication vector determined by the HSS according to the authentication data request message; and

sending, by the control network element, an authentication request message that includes information about the authentication vector to the UE-R, so that the UE-R determines whether the authentication request message is for authenticating on the UE.

With reference to the fourth aspect, in a first possible implementation manner, after the receiving, by a control network element, a second request message sent by a UE-R, the method further includes:

determining whether the second request message is of a specified message type; and

if the second request message is of the specified message type, sending, by the control network element, the authentication data request message to the HSS.

With reference to the fourth aspect or the first possible implementation manner of the fourth aspect, in a second possible implementation manner, before the sending, by the control network element, the authentication data request message to the HSS, the method further includes:

adding, by the control network element, the identification information for authenticating on the UE to the authentication data request message.

With reference to any one of the fourth aspect to the second possible implementation manner of the fourth aspect, in a third possible implementation manner, before the sending, by the control network element, an authentication request message that includes the authentication vector to the UE-R, the method further includes:

adding, by the control network element, the identification information for authenticating on the UE to the authentication request message.

A fifth aspect of the embodiments of the present invention provides a terminal authentication relay device, where the relay device may include:

a receiving module, configured to receive a first request message sent by UE;

a sending module, configured to send a second request message to a control network element according to the first request message sent by the UE, so that the control network element sends an authentication data request message to an HSS according to the second request message, where the authentication data request message carries identification information for authenticating on the UE; where

the receiving module is configured to receive an authentication request message sent by the control network element; and

a determining module, configured to determine, according to the authentication request message received by the receiving module, whether the authentication request message is for authenticating on the UE; where

the sending module is configured to: when a result of the determining by the determining module is yes, send an authentication request message to the UE, where the authentication request message includes an authentication parameter of the UE;

the receiving module is further configured to receive an authentication response message that is sent by the UE according to the authentication request message sent by the sending module; and

the sending module is configured to send, to the control network element, the authentication response message received by the receiving module, so as to complete authentication on the UE by using the control network element.

With reference to the fifth aspect, in a first possible implementation manner, the first request message that is sent by the UE and received by the receiving module includes the identification information for authenticating on the UE; and

the sending module is further specifically configured to:

add, to the second request message, the identification information for authenticating on the UE that is carried in the first request message, and send the second request message to the control network element.

With reference to the fifth aspect or the first possible implementation manner of the fifth aspect, in a second possible implementation manner, the first request message that is sent by the UE and received by the receiving module does not include the identification information for authenticating on the UE; and

the sending module is specifically configured to:

add the identification information for authenticating on the UE to the second request message, and send the second request message to the control network element.

With reference to any one of the fifth aspect to the second possible implementation manner of the fifth aspect, in a third possible implementation manner, the authentication request message that is sent by the control network element and received by the receiving module includes authentication identification information that is for authenticating on the UE and is set by the HSS according to the identification information for authenticating on the UE; and

the determining module is specifically configured to:

determine whether the authentication request message includes the authentication identification information; and

if the authentication request message includes the authentication identification information, determine that the authentication request message is for authenticating on the UE.

A sixth aspect of the embodiments of the present invention provides a terminal authentication server, where the server may include:

a receiving module, configured to receive an authentication data request message sent by a control network element;

a determining module, configured to determine, according to the authentication data request message received by the receiving module, whether the authentication data request message includes identification information for authenticating on UE;

a processing module, configured to: when a result of the determining by the determining module is yes, set, in an authentication vector, authentication identification information for authenticating on the UE; and

a sending module, configured to send, to the control network element, the authentication vector obtained by processing by the processing module, so as to send the authentication identification information to a UE-R by using the control network element, so that the UE-R determines, according to the authentication identification information, whether to perform authentication on the UE.

With reference to the sixth aspect, in a first possible implementation manner, the authentication vector obtained by processing by the processing module includes a RAND parameter, an AUTN parameter, an XRES parameter, and a Kasme parameter; and

the processing module is specifically configured to:

set the authentication identification information in an AMF parameter in the AUTN parameter in the authentication vector.

With reference to the sixth aspect or the first possible implementation manner of the sixth aspect, in a second possible implementation manner, the authentication vector obtained by processing by the processing module includes a RAND parameter, an AUTN parameter, an XRES parameter, and a Kasme parameter; and

the processing module is further specifically configured to:

encrypt the RAND parameter in the authentication vector; and

set the authentication identification information in an AMF parameter in the AUTN parameter in the authentication vector.

A seventh aspect of the embodiments of the present invention provides terminal authentication user equipment, where the user equipment may include:

a sending module, configured to send a first request message to a UE-R, so that the UE-R sends a second request message to a control network element according to the first request message;

a receiving module, configured to receive an authentication request message sent by the UE-R, where the authentication request message carries authentication identification information for authenticating on the UE; and

a processing module, configured to decrypt encrypted information in the authentication identification information, and compute an authentication response according to information obtained by the decryption.

With reference to the seventh aspect, in a first possible implementation manner, the first request message sent by the sending module includes identification information for authenticating on the UE.

An eighth aspect of the embodiments of the present invention provides a terminal authentication control device, where the control device may include:

a receiving module, configured to receive a second request message sent by a UE-R;

a processing module, configured to determine, according to the second request message received by the receiving module, whether the second request message includes identification information for authenticating on UE; and

a sending module, configured to: when a result of the determining by the processing module is yes, send an authentication data request message to an HSS, where the authentication data request message carries the identification information for authenticating on the UE; where

the receiving module is configured to acquire, from the HSS, an authentication vector determined by the HSS according to the authentication data request message; and

the sending module is further configured to send, to the UE-R, an authentication request message that includes information about the authentication vector and is received by the receiving module, so that the UE-R determines whether the authentication request message is for authenticating on the UE.

With reference to the eighth aspect, in a first possible implementation manner, the control device further includes:

a determining module, configured to determine, according to the second request message received by the receiving module, whether the second request message is of a specified message type; and if the second request message is of the specified message type, instruct the sending module to send the authentication data request message to the HSS.

With reference to the eighth aspect or the first possible implementation manner of the eighth aspect, in a second possible implementation manner, the sending module is further specifically configured to:

add the identification information for authenticating on the UE to the authentication data request message, and send the authentication data request message to the HSS.

With reference to any one of the eighth aspect to the second possible implementation manner of the eighth aspect, in a third possible implementation manner, the sending module is further specifically configured to:

add the identification information for authenticating on the UE to the authentication request message that includes the authentication vector, and send the authentication request message to the UE-R.

A ninth aspect of the embodiments of the present invention provides a terminal authentication system, where the system may include: the relay device provided in the fifth aspect of the embodiments of the present invention, the server provided in the sixth aspect of the embodiments of the present invention, the user equipment provided in the seventh aspect of the embodiments of the present invention, and the control device provided in the eighth aspect of the embodiments of the present invention.

In the embodiments of the present invention, when accessing a network by using a UE-R, UE may send, to a control network element by using the UE-R, a request that includes identification information of the UE, so as to acquire an authentication vector message of the UE by using the control network element. The UE-R may determine, according to the acquired authentication vector message, whether the authentication vector message is for authenticating on the UE, and if the authentication vector message is for authenticating on the UE, send an authentication request to the UE, and further may complete authentication on the UE by using the control network element. Operations are simple, complexity and costs of a terminal are reduced, and efficiency in authenticating the UE and user experience are improved.

BRIEF DESCRIPTION OF DRAWINGS

To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the following briefly introduces the accompanying drawings required for describing the embodiments. Apparently, the accompanying drawings in the following description show merely some embodiments of the present invention, and a person of ordinary skill in the art may still derive other drawings from these accompanying drawings without creative efforts.

FIG. 1 is a schematic diagram of performing authentication on a UE-R by using an AKA authentication principle in the prior art;

FIG. 2 is a schematic flowchart of a first embodiment of a terminal authenticating method according to an embodiment of the present invention;

FIG. 3 is a first schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 4 is a second schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 5 is a third schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 6 is a schematic flowchart of a second embodiment of a terminal authenticating method according to an embodiment of the present invention;

FIG. 7 is a fourth schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 8 is a fifth schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 9 is a sixth schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 10 is a seventh schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 11 is an eighth schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 12 is a schematic flowchart of a third embodiment of a terminal authenticating method according to an embodiment of the present invention;

FIG. 13 is a schematic flowchart of a fourth embodiment of a terminal authenticating method according to an embodiment of the present invention;

FIG. 14 is a ninth schematic interaction diagram of a terminal authenticating method according to an embodiment of the present invention;

FIG. 15 is a schematic structural diagram of an embodiment of a terminal authentication relay device according to an embodiment of the present invention;

FIG. 16 is a schematic structural diagram of an embodiment of a terminal authentication server according to an embodiment of the present invention;

FIG. 17 is a schematic structural diagram of an embodiment of terminal authentication user equipment according to an embodiment of the present invention;

FIG. 18 is a schematic structural diagram of an embodiment of a terminal authentication control device according to an embodiment of the present invention;

FIG. 19 is another schematic structural diagram of an embodiment of a terminal authentication control device according to an embodiment of the present invention; and

FIG. 20 is a schematic structural diagram of a terminal authentication system according to an embodiment of the present invention.

DESCRIPTION OF EMBODIMENTS

The following clearly describes the technical solutions in embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Apparently, the embodiments described in the following are merely some but not all of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts shall fall within the protection scope of the present invention.

In a ProSe technology, when UE accesses a network by using a UE-R, an EPS AKA authentication principle may be used in the embodiments of the present invention to perform authentication on the UE that accesses the network, so as to prevent unauthorized UE from accessing the network by using the UE-R and prevent a security threat to the network. In the ProSe technology, when the UE-R accesses the network as common Long Term Evolution (Long Term Evolution, LTE) UE, the network exactly uses EPS AKA authentication when performing authentication on the UE-R. Likewise, a Generic Bootstrapping Architecture (Generic Bootstrapping Architecture, GBA)-based AKA bootstrapping procedure may take the place of an EPS AKA authentication procedure to be applied to the embodiments described in the following. A mobility management entity (Mobility Management Entity, MME) in the embodiments of the present invention may be a ProSe Function (a function control network element in a ProSe service).

Referring to FIG. 1, FIG. 1 is a schematic interaction diagram of performing, by a network, authentication on a UE-R by using an AKA in the prior art, which may include steps A1 to A10.

A1. The UE-R sends a request to an MME.

In the prior art, the request sent by the UE-R to the MME includes an international mobile subscriber identity (International Mobile Subscriber Identity, IMSI) of the UE-R.

A2. The MME sends an authentication data request to an HSS.

In the prior art, after receiving the request sent by the UE-R, the MME may send the authentication data request to the home subscriber server (Home Subscriber Server, HSS), where the authentication data request includes the IMSI of the UE-R.

A3. The HSS computes an authentication vector.

In the prior art, when the HSS receives the authentication data request sent by the MME, the HSS may compute the authentication vector used for performing authentication on the UE-R, where the authentication vector includes a RAND (RANDom number) parameter, an AUTN (Authentication token) parameter, an XRES (Expected user RESponse) parameter, a Kasme parameter, and the like.

A4. The HSS sends an authentication data response to the MME.

Specifically, the authentication data response sent by the HSS to the MME includes a RAND parameter, an AUTN parameter, an XRES parameter, a Kasme, and the like.

A5. The MME stores the authentication data response.

In the prior art, after receiving the authentication data response sent by the HSS, the MME may store the received authentication data response, and send an authentication request to the UE-R.

A6. The MME sends an authentication request to the UE-R.

Specifically, the authentication request sent by the MME to the UE-R includes the RAND parameter and AUTN parameter.

A7. The UE-R verifies an AUTN, and computes a RES (RESponse) parameter.

In the prior art, after receiving the authentication request sent by the MME, the UE-R may perform verification on the AUTN in the authentication request, and after it is verified that the AUTN is correct, the UE-R may compute the RES parameter, and further may send the RES parameter to the MME.

A8. The UE-R sends a user authentication response to the MME.

A9. The MME authenticates UE.

A10. The MME sends an authentication response to the UE-R.

Specifically, the user authentication response includes the RES parameter. After receiving the RES parameter sent by the UE-R, the MME may compare the RES parameter with the XRES parameter stored in the MME and perform authentication on the UE-R. When the MME learns by comparison that the RES and the XRES are consistent, the MME completes authentication on the UE-R, and feeds back an authentication result to the UE-R by using the authentication response.

In embodiments of the present invention, when UE accesses a network byusing a UE-R, the EPS AKA authentication principle is used, to performauthentication on the UE, and a new protocol (such as an EAP-AKAprotocol) is not required to perform authentication on the UE. The UEneeds to support only an EPS AKA protocol, and does not need to supportboth the EPS AKA protocol and the EAP-AKA protocol, which reducescomplexity and costs of a terminal. In the embodiments of the presentinvention, when the UE accesses the network by using the UE-R, the EPSAKA protocol is used, to perform authentication on the UE, and the UE-Rcan directly support authentication on the UE. Anew protocol stack doesnot need to be established between the UE and the UE-R to support a newprotocol, the UE-R supports complexity of authentication on the UE,costs are low, operations are convenient, and authentication efficiencyis high. The following describes, in detail with reference to the EPSAKA authentication process described in FIG. 1, a specificimplementation process of performing authentication on UE by using anEPS AKA in the embodiments of the present invention.

Referring to FIG. 2, FIG. 2 is a schematic flowchart of a first embodiment of a terminal authenticating method according to an embodiment of the present invention. The terminal authenticating method described in this embodiment includes steps:

S101. A UE-R receives a first request message sent by UE.

S102. The UE-R sends a second request message to a control networkelement according to the first request message sent by the UE.

In some feasible implementation manners, the first request message sent by the UE may include an identity (an IMSI) of the UE and identification information (an Indication) of the UE (that is, identification information for authenticating on the UE). The identification information Indication may indicate that the first request message is a request that is sent by the UE for accessing a network by using the UE-R. In specific implementation, after the UE accesses the network by using the UE-R and sends the first request message that includes the IMSI and Indication of the UE to the UE-R, the UE-R may send the second request message to the control network element according to the first request message sent by the UE. Specifically, a message type of the second request message and a message type of the first request message may be the same or different, which may be set according to an actual scenario requirement for authenticating on the UE.

In specific implementation, when sending the second request message to an MME, the UE-R may add the identification information for authenticating on the UE to the second request message, where the identification information for authenticating on the UE is used to identify that the second request message is a request message sent by the UE-R to the MME when the UE accesses the network by using the UE-R. Specifically, when the first request message that is sent by the UE and received by the UE-R includes the identification information (that is, an Indication) for authenticating on the UE, the UE-R may use that Indication as the identification information for authenticating on the UE and add it to the second request message; or the UE-R may re-select an Indication (which has the same function as the identification information for authenticating on the UE that is included in the first request message), use the re-selected Indication as the identification information for authenticating on the UE, and add it to the second request message, where the re-selected identification information may be the same as or different from the identification information for authenticating on the UE that is included in the first request message. Then, the UE-R sends the second request message to the MME (that is, the control network element). As shown in FIG. 3, when the UE-R receives the first request message sent by the UE, if the received first request message includes the IMSI and Indication of the UE, the UE-R may add, to the second request message, the IMSI and Indication of the UE that are included in the first request message; or the UE-R may re-select an Indication and add the IMSI and the re-selected Indication to the second request message. Then, the second request message is sent to the control network element.
After receiving the second request message sent by the UE-R, the control network element on a network side may determine, according to the Indication of the UE included in the second request message, that authentication currently needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R. Then, the MME may send a corresponding user authentication data request message to an HSS.

In some feasible implementation manners, as shown in FIG. 4, when the first request message sent by the UE includes only the IMSI of the UE and does not include the identification information (an Indication) for authenticating on the UE, after the UE accesses the network by using the UE-R and sends the first request message that includes the IMSI of the UE to the UE-R, the UE-R may send the second request message to the control network element according to the first request message sent by the UE. Specifically, a message type of the second request message and a message type of the first request message may be the same or different, which may be set according to an actual scenario requirement for authenticating on the UE.

In specific implementation, as shown in FIG. 4, when the first request message received by the UE-R includes only the IMSI of the UE, the UE-R may add the identification information Indication (that is, the identification information for authenticating on the UE) to the first request message sent by the UE, add the IMSI and the Indication to the second request message, and send the second request message that includes the IMSI and Indication of the UE to the control network element. After receiving the second request message sent by the UE-R, the control network element on the network side may determine, according to the Indication of the UE included in the second request message, that authentication currently needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R.

In specific implementation, as shown in FIG. 5, when the first request message sent by the UE includes only the IMSI of the UE, after the UE accesses the network by using the UE-R and sends the first request message that includes the IMSI of the UE to the UE-R, the UE-R may send the second request message to the control network element according to the first request message sent by the UE. Specifically, a message type of the second request message and a message type of the first request message may be the same or different, which may be set according to an actual scenario requirement for authenticating on the UE.

In specific implementation, as shown in FIG. 5, when the first request message received by the UE-R includes only the IMSI of the UE, the UE-R may directly add the IMSI of the UE in the first request message to the second request message, and send the second request message that includes the IMSI of the UE to the control network element. That is, in the foregoing implementation manner, the second request message sent by the UE-R to the control network element includes the IMSI of the UE and does not include the identification information Indication. In specific implementation, in the foregoing implementation manner, after the UE-R sends the second request message that includes only the IMSI of the UE to the control network element on the network side, the control network element cannot acquire the Indication directly from the second request message because there is no Indication in it. In this case, the control network element may determine, according to the message type of the second request message, whether the request is an authentication request sent by the UE when the UE accesses the network by using the UE-R or an authentication request sent by the UE-R when the UE-R accesses the network. Specifically, the control network element may perform matching between the message type of the received second request message and a prestored specified message type, and determine whether the message type of the second request message belongs to the specified message type. If it is determined that the message type of the second request message is the specified message type, the control network element may send the corresponding user authentication data request message to the HSS, and may further inform the HSS, by using the user authentication data request message, whether the UE accesses the network or the UE-R accesses the network.
That is, by determining whether the message type of the currently received second request message is the specified message type, the control network element determines the content to be included in the user authentication data request message sent to the HSS; in other words, it may determine that authentication needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R.

In some feasible implementation manners, after receiving the second request message sent by the UE-R, the network side may compute, according to the second request message, an authentication vector used for performing authentication on the UE. In specific implementation, as shown in FIG. 3 or FIG. 4, when the second request message received by the control network element on the network side includes the identification information Indication, it may be determined that the second request message is a request that is sent by the UE for accessing the network by using the UE-R, but not a request for accessing the network by the UE-R; that is, when it is determined that the second request message includes the Indication, the network side may compute the authentication vector used for performing authentication on the UE. Specifically, when it is determined that the second request message includes the Indication, the network side may set authentication identification information (that is, authentication identification information for authenticating on the UE) in the authentication vector used for performing authentication on the UE, where the authentication identification information is used to indicate that the authentication vector is for authenticating on the UE, and send the authentication vector that includes the authentication identification information to the UE-R by using an authentication request message. Specifically, when setting the authentication identification information for authenticating on the UE, the network side may set, in an AMF parameter in the authentication vector, the authentication identification information for authenticating on the UE. For example, the Xth bit of the AMF parameter in the AUTN parameter of the authentication vector may be set to 1, where 1≤X≤7; that is, the Xth bit of the AMF parameter may be any one of the seven idle bits of the AMF parameter.
The network side sets the flag bit and sends an authentication vector that includes the flag bit to the UE-R, and the UE-R may then determine, according to the flag bit, that the received authentication vector is for authenticating on the UE but not for authenticating on the UE-R.

In specific implementation, when the second request message received by the network side does not include the identification information Indication, the network side may further determine, according to the message type of the second request message, that the second request message is a request message that is sent by the UE for accessing the network by using the UE-R, but not a request message that is sent by the UE-R for accessing the network. When it is determined that the received second request message is a request message that is sent by the UE for accessing the network by using the UE-R, the network side may compute the authentication vector used for performing authentication on the UE, set, in the authentication vector, the authentication identification information for authenticating on the UE, and further send the authentication vector parameters RAND and AUTN that include the authentication identification information for authenticating on the UE to the UE-R.

S103. The UE-R receives an authentication request message sent by the control network element.

S104. The UE-R determines whether the authentication request message is for authenticating on the UE, and if a result of the determining is yes, performs step S105.

S105. The UE-R sends an authentication request message to the UE.

In some feasible implementation manners, after receiving the authentication request message sent by the control network element on the network side, the UE-R may determine, according to the various parameter information of the authentication vector included in the authentication request message, whether the authentication request message is for authenticating on the UE. If it is determined that the authentication request message is for authenticating on the UE, the UE-R sends the authentication request message to the UE. In specific implementation, when the UE-R receives the authentication request message sent by the control network element, the UE-R may determine whether the authentication request message includes the authentication identification information for authenticating on the UE. For example, the UE-R may determine whether the Xth bit of the AMF parameter of the authentication vector in the authentication request message is 1. If it is determined that the Xth bit of the AMF in the authentication vector is 1, the UE-R determines that the authentication request message is for authenticating on the UE. In addition, as shown in FIG. 10, it may further be determined whether the authentication request message includes identification information Indication 2. If the identification information Indication 2 is present, it is determined that the authentication request message is for authenticating on the UE. Then, the UE-R may send the authentication request message to the UE, and send parameters such as the AUTN and the RAND in the authentication vector to the UE, so as to be verified by the UE.

S106. The UE-R receives an authentication response message sent by the UE according to the authentication request message, and sends the authentication response message to the control network element, so as to complete authentication on the UE by using the control network element.

In some feasible implementation manners, when sending the authentication request message to the UE, the UE-R sends, to the UE, the RAND and AUTN that are received from the network side. After receiving the RAND and AUTN sent by the UE-R, the UE verifies the parameters RAND and AUTN, that is, verifies correctness of the AUTN parameter. After it is verified that the AUTN is correct, the UE may compute a RES parameter and send the computed RES parameter to the UE-R. After receiving the authentication response (including the RES parameter) sent by the UE, the UE-R may send the authentication response to the control network element on the network side, and the control network element completes authentication on the UE.

In this embodiment of the present invention, a UE-R may receive a request message sent by UE, send an authentication request message to a network side according to the request message sent by the UE, and acquire, from the network side, an authentication vector that includes authentication identification information for authenticating on the UE. The UE-R may determine, according to an authentication request message sent by the network side, whether to perform authentication on the UE or the UE-R, and further send the authentication request message to the UE, so as to complete authentication on the UE. Operations are simple, costs of a terminal are low, and efficiency in authenticating the UE and user experience are improved.

Referring to FIG. 6, FIG. 6 is a schematic flowchart of a second embodiment of a terminal authenticating method according to an embodiment of the present invention. The terminal authenticating method described in this embodiment includes steps:

S201. An HSS receives an authentication data request message sent by acontrol network element.

S202. Determine whether the authentication data request message includes identification information for authenticating on UE, and if a result of the determining is yes, perform step S203.

S203. The HSS sets, in an authentication vector, authenticationidentification information for authenticating on the UE.

S204. The HSS sends the authentication vector to the control networkelement.

In some feasible implementation manners, after receiving the authentication data request message sent by the control network element, the HSS on a network side may determine whether the authentication data request message includes the identification information for authenticating on the UE. The identification information for authenticating on the UE may specifically be an Indication carried in a first request message sent by the UE to a UE-R, which the UE-R adds to a second request message and sends to the control network element, and which the control network element then forwards to the HSS. Alternatively, the identification information for authenticating on the UE may be an Indication added by the UE-R when it sends the second request message to the control network element according to the first request message; after adding the Indication to the second request message, the UE-R sends the second request message to the control network element, and the control network element may send, to the HSS, the Indication carried in the second request message. The identification information for authenticating on the UE may also be an Indication selected by the control network element itself. As shown in FIG. 3, FIG. 4, or FIG. 5, after receiving the authentication data request message sent by the control network element, the HSS may determine whether the authentication data request message includes the identification information for authenticating on the UE, that is, whether there is the Indication in the authentication data request message. If it is determined that the authentication data request message includes the Indication, it may be determined that the authentication object of the authentication data request message is the UE.
In specific implementation, when the HSS determines that the authentication object corresponding to the authentication data request message is the UE, the HSS may compute an authentication vector message corresponding to the authentication data request message, that is, an authentication vector message for authenticating on the UE, and may set, in the authentication vector message, the authentication identification information for authenticating on the UE. Specifically, the authentication vector message computed by the HSS may include parameters such as a RAND, an AUTN, an XRES, and a KASME. When determining the parameters in the authentication vector for authenticating on the UE, the HSS may set, in the AMF parameter in the AUTN parameter, authentication identification information for authenticating on the UE, where the authentication identification information is used to indicate that the authentication vector is for authenticating on the UE. As shown in FIG. 3, FIG. 4, or FIG. 5, the HSS may use the Xth bit of the AMF parameter as a flag bit for authenticating on the UE. For example, the Xth bit of the AMF parameter is set to 1 and used as the authentication identification information for authenticating on the UE, where the Xth bit of the AMF parameter is any one of the seven idle bits of the AMF parameter, that is, 1≤X≤7.

In some feasible implementation manners, after determining the authentication vector message for authenticating on the UE and setting the authentication identification information for authenticating on the UE, the HSS may send, to the control network element by using an authentication response message, the authentication vector that includes the authentication identification information for authenticating on the UE, so that the control network element sends the authentication vector to the UE-R by using an authentication request message. After receiving the authentication request message sent by the control network element, the UE-R may determine, according to the authentication identification information for authenticating on the UE in the authentication vector included in the authentication request message, that the authentication vector is for authenticating on the UE but not for authenticating on the UE-R, and may further send the corresponding authentication parameters in the authentication vector to the UE, so as to implement authentication on the UE.

In some feasible implementation manners, as shown in FIG. 7 or FIG. 8, after receiving the authentication data request message sent by the control network element, if it is determined that the authentication data request message includes the identification information for authenticating on the UE, that is, there is the Indication in the authentication data request message, the HSS may compute the authentication vector for authenticating on the UE and set the Xth bit of the AMF parameter in the AUTN parameter of the authentication vector, so as to set the authentication identification information for authenticating on the UE. In addition, as shown in FIG. 9, after the HSS receives the authentication data request message sent by the control network element, if it is determined that the authentication data request message includes the identification information for authenticating on the UE, that is, there is the Indication in the authentication data request message, the HSS may further encrypt the RAND parameter in the authentication vector, and use the Xth bit of the AMF parameter as a flag bit indicating that the RAND parameter is encrypted. Setting the Xth bit of the AMF to 1 then serves as identification information that the RAND parameter has been encrypted to obtain an encrypted RAND parameter RAND*; in other words, setting the Xth bit of the AMF parameter to 1 may mean both that the RAND parameter is encrypted and that the authentication identification information for authenticating on the UE is added to the authentication vector. When the UE-R receives the authentication vector, if it determines that the Xth bit of the AMF parameter in the authentication vector is 1, it may determine that the authentication vector is an authentication vector for authenticating on the UE.
The UE-R may send an authentication request to the UE, and send the RAND* parameter and the AUTN parameter in the authentication vector to the UE. After receiving the parameter information of the authentication vector, if it determines that the Xth bit of the AMF parameter in the AUTN parameter is 1, the UE may decrypt the RAND* parameter and then verify the AUTN. That is, when computing the authentication vector for authenticating on the UE, the HSS may set the authentication identification information for authenticating on the UE by setting a parameter, and may at the same time protect the RAND parameter in the authentication vector by encryption, which can improve efficiency in authenticating the UE and the user experience.

In some feasible implementation manners, if the authentication data request message that is sent by the control network element and received by the HSS does not include the identification information for authenticating on the UE, that is, does not include the Indication, as shown in FIG. 10 or FIG. 11, the HSS may compute the authentication vector according to the method used for authenticating on the UE-R, without setting a flag in or encrypting the authentication vector, and directly send the authentication vector to the control network element by using an authentication data response message; the control network element then processes the authentication data response message and sends the authentication request message to the UE-R. The UE-R may determine, according to the authentication vector processed by the control network element, whether the authentication request message is for authenticating on the UE or for authenticating on the UE-R.

In this embodiment of the present invention, after receiving an authentication data request sent by a control network element, an HSS on a network side may compute, according to the received authentication data request, an authentication vector for authenticating on UE, and may further set a parameter in the authentication vector so as to identify a message, or encrypt a parameter in the authentication vector to protect the parameter. A UE-R may determine, by using the authentication vector sent by the HSS, whether the authentication vector is for authenticating on the UE or for authenticating on the UE-R, which can improve efficiency in authenticating the UE and user experience, and reduce complexity and costs of network elements and terminals such as the UE-R and the HSS.

Referring to FIG. 12, FIG. 12 is a schematic flowchart of a third embodiment of a terminal authenticating method according to an embodiment of the present invention. The terminal authenticating method described in this embodiment includes steps:

S301. UE sends a first request message to a UE-R.

S302. The UE receives an authentication request message sent by the UE-R.

S303. The UE decrypts encrypted information in the authentication identification information, and computes an authentication response according to the information obtained by the decryption.

S304. The UE sends the authentication response to the UE-R.

In some feasible implementation manners, when the UE is not covered by an EPC network signal but the UE-R is covered by an EPC network signal, the UE may access a network by using the UE-R, and further may implement short-distance communication with another UE.

In specific implementation, when the UE accesses the network by using the UE-R, the network needs to perform verification on the UE, and the UE can be allowed to access the network only after the verification succeeds. Specifically, when a network side performs authentication on the UE, the UE may send a request message to the UE-R, that is, the UE may send the first request message to the UE-R, where the first request message may include identification information (that is, an Indication) for authenticating on the UE, as shown in FIG. 3. After the UE sends the request message to the UE-R, the UE-R may send a request message to a control network element on the network side according to the request message sent by the UE, so as to send the identification information (for example, the Indication) of the UE to an HSS on the network side, so that the HSS sets an authentication vector for authenticating on the UE.

In some feasible implementation manners, after receiving an authentication data request message sent by the control network element, when it is determined that the authentication data request message is a request that is sent by the UE for accessing the network by using the UE-R, the HSS may compute the authentication vector for authenticating on the UE, identify, by setting a parameter in the authentication vector, that the authentication vector is for authenticating on the UE, and further send, by using the control network element to the UE-R, the authentication request message that includes the authentication identification information for authenticating on the UE. After receiving the authentication request message sent by the control network element, if it is determined that the authentication request message is for authenticating on the UE, the UE-R may send an authentication request message to the UE. After receiving the authentication request message sent by the UE-R, the UE may obtain an authentication response according to the authentication request message. In specific implementation, the authentication request sent by the UE-R to the UE may include an authentication parameter requested by the UE-R from the HSS according to the first request message sent by the UE, that is, an authentication parameter included in the authentication vector that is for authenticating on the UE and is set by the HSS according to the authentication data request sent by the control network element. As shown in FIG. 3, after receiving the authentication request message sent by the UE-R, the UE may verify correctness of the AUTN parameter in the authentication request, and compute a RES parameter after it is verified that the AUTN is correct; because the authentication request message carries the authentication identification information, the UE may perform verification on the authentication identification information and compute the authentication response according to it. After obtaining the RES parameter according to the authentication parameter, the UE may use the RES parameter as the authentication response message of the UE and send the RES parameter to the UE-R, so that the UE-R sends the authentication response to the control network element and the control network element completes authentication on the UE.

In some feasible implementation manners, when an authentication parameter in the authentication identification information included in the authentication request message received by the UE from the UE-R includes encrypted information, as shown in FIG. 7, after receiving the authentication request message sent by the UE-R, the UE may parse the authentication identification information in the authentication request message, and determine whether the Xth bit of the AMF parameter in the AUTN parameter in the authentication identification information is 1. If it is determined that the Xth bit of the AMF parameter is 1, the UE may decrypt the encrypted information (the RAND* parameter) in the authentication parameter to obtain the plaintext RAND parameter, perform verification on the AUTN parameter in the authentication parameter, and further obtain an authentication response by computing according to information such as the plaintext RAND parameter obtained by the decryption and the authentication parameter in the authentication identification information. Specifically, after the UE decrypts the encrypted information (RAND*) to obtain the plaintext RAND parameter, and learns, by performing verification on the AUTN parameter, that the AUTN parameter is correct, the UE may compute the RES parameter, use the RES parameter as the authentication response of the UE, and send the RES parameter to the UE-R.

In this embodiment of the present invention, when accessing a network by using a UE-R, UE may send a request message to the UE-R, acquire, by using the UE-R, information such as an authentication parameter in an authentication vector sent by a network side, compute a RES parameter after verifying correctness of the authentication parameter sent by the UE-R, and then send the RES parameter to the network side by using the UE-R so as to complete authentication on the UE. In this embodiment of the present invention, when the authentication parameter sent by the network side includes encrypted information, the UE may further decrypt the encrypted information to obtain a plaintext when it determines that the received parameter includes the encrypted information, then perform verification on the other parameters, and further compute an authentication response according to the plaintext obtained by decryption and the authentication parameter, which can improve efficiency and security of authentication on the UE. In addition, neither the UE nor the UE-R needs to support a new protocol. Operations are simple, and complexity and costs of terminals such as the UE and the UE-R are reduced.
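The relayed EPS AKA run of the first embodiment (S101 to S106), the HSS-side flag setting of the second embodiment (S201 to S204, including the RAND* variant of FIG. 9), and the UE-side decryption and verification of this third embodiment (S301 to S304), as one added Python model that is not code from the patent or from 3GPP. Everything cryptographic is a stand-in: HMAC-SHA256 replaces the MILENAGE f1..f5 functions; the RAND* cipher and its key (a keystream derived from K and the AUTN MAC) are assumed, since the page specifies neither; X = 3 is an assumed choice of flag bit; AMF bits are numbered 0..15 from the most significant bit of the first octet, so that bit 0 is the EPS separation bit and bits 1..7 are the idle bits the page refers to; and whether a set flag also means RAND was encrypted is modelled as a configured deployment policy on the UE (the page describes both FIG. 3 and FIG. 9 deployments). K, SQN and RAND are constructed test values, not 3GPP test vectors.

```python
import hashlib
import hmac
from typing import Optional

# Constructed test values (assumptions, not 3GPP test data): a 128-bit long-term
# key K shared by the UE and the HSS, a 48-bit SQN and a 128-bit RAND.
K_UE = bytes.fromhex("465b5ce8b199b49faa5f0a2ee238a6bc")
SQN = bytes.fromhex("ff9bb4d0b607")
RAND = bytes.fromhex("23553cbe9637a89d218ae64dae47bf35")

SEPARATION_BIT = 0  # EPS separation bit, bit 0 = MSB of the first AMF octet
FLAG_BIT = 3        # the page's "X-th bit of the AMF", 1 <= X <= 7; X = 3 is assumed


def _f(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    """Keyed PRF standing in for the MILENAGE f1..f5 functions (assumption, not 3GPP)."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def amf_bit(amf: bytes, bit: int) -> int:
    """Read bit `bit` of the 16-bit AMF, numbering 0..15 from the MSB."""
    return (int.from_bytes(amf, "big") >> (15 - bit)) & 1


def amf_with_bits(*bits: int) -> bytes:
    value = 0
    for bit in bits:
        value |= 1 << (15 - bit)
    return value.to_bytes(2, "big")


def _rand_keystream(k: bytes, mac: bytes) -> bytes:
    """Keystream for RAND*; keyed by K and diversified by the AUTN MAC (assumed scheme)."""
    return _f(k, b"rand-enc", mac, 16)


def hss_generate_av(k: bytes, sqn: bytes, rand: bytes, *, for_ue: bool,
                    encrypt_rand: bool = False) -> dict:
    """HSS side (S201-S204): set the flag bit in the AMF when the vector is for the
    relayed UE; with encrypt_rand, send RAND* = RAND XOR keystream instead of RAND (FIG. 9)."""
    bits = (SEPARATION_BIT, FLAG_BIT) if for_ue else (SEPARATION_BIT,)
    amf = amf_with_bits(*bits)
    mac = _f(k, b"f1", sqn + rand + amf, 8)
    xres = _f(k, b"f2", rand, 8)
    ak = _f(k, b"f5", rand, 6)
    autn = _xor(sqn, ak) + amf + mac          # AUTN = (SQN xor AK) || AMF || MAC
    sent_rand = _xor(rand, _rand_keystream(k, mac)) if encrypt_rand else rand
    return {"rand": sent_rand, "autn": autn, "xres": xres}


def ue_r_route(autn: bytes) -> str:
    """UE-R side (S104): decide from the AMF flag alone, without knowing K, whether the
    vector is for the relayed UE or for the UE-R itself."""
    return "UE" if amf_bit(autn[6:8], FLAG_BIT) else "UE-R"


def ue_respond(k: bytes, rand_field: bytes, autn: bytes, *,
               rand_encrypted_when_flagged: bool) -> Optional[bytes]:
    """UE side (S302-S304): recover RAND (decrypting RAND* if this deployment encrypts
    it when the flag is set), verify AUTN, and return RES; None means AUTN failed."""
    sqn_xor_ak, amf, mac = autn[:6], autn[6:8], autn[8:16]
    flagged = amf_bit(amf, FLAG_BIT) == 1
    rand = (_xor(rand_field, _rand_keystream(k, mac))
            if flagged and rand_encrypted_when_flagged else rand_field)
    ak = _f(k, b"f5", rand, 6)
    sqn = _xor(sqn_xor_ak, ak)
    if not hmac.compare_digest(mac, _f(k, b"f1", sqn + rand + amf, 8)):
        return None                           # MAC failure: do not compute or return RES
    return _f(k, b"f2", rand, 8)


def mme_check(res: Optional[bytes], xres: bytes) -> bool:
    """MME side (A9): constant-time RES/XRES comparison."""
    return res is not None and hmac.compare_digest(res, xres)


def run_relayed_aka(k_ue: bytes, sqn: bytes, rand: bytes, *, encrypt_rand: bool) -> dict:
    """Whole run: HSS -> MME -> UE-R (routes on the flag) -> UE -> UE-R -> MME."""
    av = hss_generate_av(k_ue, sqn, rand, for_ue=True, encrypt_rand=encrypt_rand)
    target = ue_r_route(av["autn"])
    if target != "UE":
        return {"target": target, "authenticated": False}
    res = ue_respond(k_ue, av["rand"], av["autn"], rand_encrypted_when_flagged=encrypt_rand)
    return {"target": target, "authenticated": mme_check(res, av["xres"])}


if __name__ == "__main__":
    print(run_relayed_aka(K_UE, SQN, RAND, encrypt_rand=False))
    print(run_relayed_aka(K_UE, SQN, RAND, encrypt_rand=True))
```

The UE-R never needs K: it routes on a single AMF bit and forwards a vector without the flag to its own USIM rather than to the UE. A MAC failure at the UE yields no RES at all, so a wrong key or a tampered AUTN produces an authentication failure at the MME without leaking anything about K through the relay.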

FIG. 13 is a schematic flowchart of a fourth embodiment of a terminal authenticating method according to an embodiment of the present invention. The terminal authenticating method described in this embodiment includes steps:

S401. A control network element receives a second request message sentby a UE-R.

S402. Determine whether the second request message includes identification information for authenticating on UE, and if a result of the determining is yes, perform step S403.

S403. The control network element sends an authentication data requestmessage to an HSS.

In some feasible implementation manners, authentication objects described in this embodiment of the present invention may include the UE and the UE-R. The UE is used as an example in the following to describe, in detail, the terminal authenticating method provided in this embodiment of the present invention. The control network element described in this embodiment of the present invention is the MME described in the embodiments of the present invention. In some feasible implementation manners, the MME network element described in this embodiment of the present invention may be a function control network element in a ProSe service. The terminal authenticating method described in this embodiment of the present invention is described in detail in the following by using the control network element as an execution body.

In some feasible implementation manners, the second request message received by the control network element from the UE-R includes the identification information (that is, an Indication) for authenticating on the UE and an IMSI. As shown in FIG. 3, when the second request message received by the control network element from the UE-R includes the Indication, the control network element may send the authentication data request message to the HSS according to the IMSI and the Indication. When the second request message received by the control network element from the UE-R includes an identity (an IMSI) of the UE and a message type of the second request message, the control network element may perform matching between the message type of the second request message and a specified message type, and determine whether the second request message is of the specified message type. If the message type of the second request message is the specified message type, the control network element may send the authentication data request message to the HSS. After determining that the message type of the second request message is the specified message type, the control network element may add the identification information for authenticating on the UE to the authentication data request message, as shown in FIG. 5 and FIG. 9. The identification information for authenticating on the UE may be identification information (an Indication) that is for authenticating on the UE and is carried in the second request message, or identification information (an Indication) added to the authentication data request message by the control network element after it is determined that the message type of the second request message is the specified message type. The Indication carried in the second request message and the Indication added to the authentication data request message by the control network element may be a same Indication or may be different Indications, but both may be used to identify that the authentication data request message is an authentication data request message that is sent by using the control network element by the UE for accessing a network by using the UE-R.

S404. The control network element acquires, from the HSS, an authentication vector determined by the HSS according to the authentication data request message.

S405. The control network element sends an authentication request message that includes information about the authentication vector to the UE-R.

In some feasible implementation manners, as shown in FIG. 3, when the second request message received by the control network element from the UE-R includes the Indication (identification information for authenticating on the UE), and when it is determined that the second request message includes the Indication, the control network element may send the authentication data request message to the HSS. Alternatively, as shown in FIG. 5 and FIG. 9, after the control network element determines, according to the received second request message, that the message type of the second request message is the specified message type, the control network element may add, to the authentication data request message, identification information Indication for authenticating on the UE, further send the authentication data request message that includes the IMSI and Indication of the UE to the HSS, and acquire the authentication vector that is set by the HSS and includes authentication identification information for authenticating on the UE. After acquiring, from the HSS, the authentication vector for authenticating on the UE, the control network element may send the authentication request message to the UE-R, so as to send the authentication request message for authenticating on the UE to the UE by using the UE-R.

In some feasible implementation manners, as shown in FIG. 10, when the second request message received by the control network element from the UE-R includes an Indication 1 (identification information for authenticating on the UE), after it is determined, according to the second request message, that the second request message includes the identification information Indication 1 for authenticating on the UE, the control network element may send the authentication data request message that includes the IMSI of the UE to the HSS, that is, the authentication data request message does not include the identification information Indication 1 for authenticating on the UE. After receiving the authentication data request message that includes only the IMSI of the UE, the HSS may directly compute an authentication vector in a manner of computing the authentication vector during authentication on the UE-R, that is, in this case, the HSS cannot differentiate between authentication on the UE and authentication on the UE-R, and therefore, the HSS cannot make authentication identification information by setting the authentication vector obtained by computing, and does not perform encryption protection on the authentication vector either, but directly sends the authentication vector obtained by processing to the control network element. After the control network element receives the authentication vector sent by the HSS, in order that the UE-R can identify that an authentication vector message sent by the control network element is for authenticating on the UE but not for authenticating on the UE-R, the control network element may add identification information (an Indication 2) to the authentication vector set by the HSS, and further send an authentication request message that includes the identification information Indication 2 to the UE-R. The identification information Indication 2 indicates that the authentication request message is an authentication request message for authenticating on the UE. Specifically, the Indication 2 may be a new field added to the authentication request message, or may be an idle field in the authentication request message. The Indication 2 may be new identification information selected by the MME, or may be identification information sent by the UE to the UE-R, or may be identification information sent by the UE-R to the MME, or may be identification information sent by the MME to the HSS. In specific implementation, as shown in FIG. 14, when the second request message received by the control network element from the UE-R includes only the IMSI of the UE, and does not include the identification information Indication (or the Indication 1) for authenticating on the UE, the control network element may determine, according to the message type of the second request message, whether the message type of the second request message is the specified message type. After determining that the second request message includes the identification information for authenticating on the UE (which may specifically be the Indication in FIG. 3 or the Indication 1 in FIG. 10) or the message type of the second request message is the specified message type, the control network element may also send the authentication data request message to the HSS, where the authentication data request message does not include the identification information for authenticating on the UE. After receiving the authentication data request message that includes only the IMSI of the UE (that is, the identification information for authenticating on the UE is not included), the HSS may directly compute an authentication vector in a manner of computing the authentication vector during authentication on the UE-R, and send the authentication vector obtained by processing to the control network element. After receiving an authentication response message that is sent by the HSS and includes the authentication vector, and before sending the authentication vector to the UE-R by using the authentication request message, the control network element may add the identification information (for example, the Indication 2) to the authentication request message, and send, to the UE-R by using the authentication request message, the information such as the authentication vector that includes the identification information Indication 2. As shown in FIG. 14, after receiving an authentication vector message sent by the HSS, the control network element may add the identification information (the Indication 2) to the authentication request message set by the HSS, and send, to the UE-R, the authentication request message that includes the Indication 2 and the authentication vector (including a RAND and an AUTN) set by the HSS. Specifically, the control network element may send an authentication request that includes the identification information Indication 2 and the authentication vector to the UE-R, so as to inform, by using the Indication 2, that the authentication request message is a request message for authenticating on the UE.

In some feasible implementation manners, after the control network element sends the authentication request message for authenticating on the UE to the UE-R, the UE-R may send, according to the authentication request message, an authentication request message to the UE, and send, to the UE, the information such as the RAND and AUTN set by the HSS. The UE may perform verification on an authentication parameter included in the authentication vector in the authentication request message, compute a parameter RES, and further send the RES parameter to the UE-R by using an authentication response. After receiving the authentication response message sent by the UE, the UE-R may send the authentication response message that includes the RES parameter to the control network element. After receiving the authentication response message, the control network element may compare the RES parameter in the authentication response message with a prestored XRES in the authentication vector sent by the HSS, to determine whether the RES and the XRES are consistent. If a result of the determining is yes, it may be determined that the UE is UE that is allowed to access a network, that is, authentication on the UE may be completed by using the authentication request of the UE.

In this embodiment of the present invention, a control network element may determine, according to a second request message sent by a UE-R, whether the second request message includes identification information for authenticating on UE or whether a message type of the second request message is a specified message type, when the second request message includes the identification information for authenticating on the UE or the message type of the second request message is the specified message type, send an authentication data request message to an HSS, acquire, from the HSS, authentication identification information such as an authentication vector for authenticating on the UE, and further send an authentication request message that includes the authentication identification information to the UE-R, so as to send the authentication identification information to the UE by using the UE-R. The control network element in this embodiment of the present invention may send the authentication data request message that includes identification information for authenticating on the UE to the HSS, or send the authentication request message that includes the authentication identification information to the UE-R, which can improve efficiency in authenticating the UE, reduce complexity and costs of terminals such as the UE-R and the UE, and improve user experience of authentication on the UE.

Referring to FIG. 15, FIG. 15 is a schematic structural diagram of an embodiment of a terminal authentication relay device according to an embodiment of the present invention. The relay device described in this embodiment includes:

-   a receiving module 10, configured to receive a first request message sent by UE;
-   a sending module 20, configured to send a second request message to a control network element according to the first request message sent by the UE, so that the control network element sends an authentication data request message to an HSS according to the second request message, where the authentication data request message carries identification information for authenticating on the UE; where
-   the receiving module 10 is configured to receive an authentication request message sent by the control network element; and
-   a determining module 30, configured to determine, according to the authentication request message received by the receiving module, whether the authentication request message is for authenticating on the UE; where
-   the sending module 20 is configured to: when a result of the determining by the determining module is yes, send an authentication request message to the UE, where the authentication request message includes an authentication parameter of the UE;
-   the receiving module 10 is further configured to receive an authentication response message that is sent by the UE according to the authentication request message sent by the sending module; and
-   the sending module 20 is configured to send, to the control network element, the authentication response message received by the receiving module, so as to complete authentication on the UE by using the control network element.

In some feasible implementation manners, the first request message that is sent by the UE and received by the receiving module 10 includes the identification information for authenticating on the UE; and

-   the sending module 20 is further specifically configured to:
-   add, to the second request message, the identification information for authenticating on the UE that is carried in the first request message, and send the second request message to the control network element.

In specific implementation, the UE-R described in the embodiments of the present invention is the terminal authentication relay device described in this embodiment of the present invention.

In some feasible implementation manners, the first request message that is sent by the UE and received by the receiving module 10 may include an identity (an IMSI) of the UE and identification information (an Indication) (that is, identification information for authenticating on the UE) of the UE. The identification information Indication may indicate that the first request message is a request that is sent by the UE for accessing a network by using the UE-R. In specific implementation, after the receiving module 10 of the UE-R receives the first request message that is sent to the UE-R by the UE for accessing the network by using the UE-R and includes the IMSI and Indication of the UE, the sending module 20 of the UE-R may send the second request message to the control network element according to the first request message that is sent by the UE and received by the receiving module 10. Specifically, a message type of the second request message and a message type of the first request message may be the same or different, which may be specifically set according to an actual scenario requirement for authenticating on the UE. In specific implementation, when sending the second request message to an MME, the sending module 20 may add the identification information for authenticating on the UE to the second request message, where the identification information for authenticating on the UE is used to identify that the second request message is a request message that is sent by the UE-R to the MME when the UE accesses the network by using the UE-R. Specifically, when the first request message that is sent by the UE and received by the receiving module 10 of the UE-R includes the identification information (that is, the Indication) for authenticating on the UE, the sending module 20 may use the identification information Indication as the identification information for authenticating on the UE and add the identification information Indication to the second request message. Alternatively, the sending module 20 may select new identification information, use the selected new identification information as the identification information for authenticating on the UE and add the selected new identification information to the second request message, and further send the second request message to the MME (that is, the control network element). As shown in FIG. 3, when the receiving module 10 of the UE-R receives the first request message sent by the UE, if the first request message received by the receiving module 10 includes the IMSI and Indication of the UE, the sending module 20 of the UE-R may add, to the second request message, the IMSI and Indication of the UE that are included in the first request message; or the sending module 20 may re-select an Indication, and add the IMSI and the re-selected Indication to the second request message. Then, the second request message is sent to the control network element. After receiving the second request message sent by the UE-R, the control network element on a network side may determine, according to the Indication included in the second request message, that authentication currently needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R. Then, the MME may send a corresponding user authentication data request message to the HSS.

In some feasible implementation manners, the first request message that is sent by the UE and received by the receiving module 10 does not include the identification information for authenticating on the UE; and

-   the sending module 20 is specifically configured to:
-   add the identification information for authenticating on the UE to the second request message, and send the second request message to the control network element.

In some feasible implementation manners, as shown in FIG. 4, when the first request message that is sent by the UE and received by the receiving module 10 includes only the IMSI of the UE, and does not include the identification information (an Indication) for authenticating on the UE, after the UE accesses the network by using the UE-R and sends the first request message that includes the IMSI of the UE to the UE-R, the sending module 20 of the UE-R may send the second request message to the control network element according to the first request message sent by the UE. Specifically, the message type of the second request message sent by the sending module 20 and the message type of the first request message may be the same or different, which may be specifically set according to an actual scenario requirement for authenticating on the UE. In specific implementation, as shown in FIG. 4, when the first request message received by the receiving module 10 of the UE-R includes only the IMSI of the UE, the sending module 20 of the UE-R may add the identification information Indication (that is, the identification information for authenticating on the UE) to the first request message sent by the UE, add the IMSI and the Indication to the second request message, and send the second request message that includes the IMSI and Indication of the UE to the control network element. After receiving the second request message sent by the UE-R, the control network element on the network side may determine, according to the Indication of the UE included in the second request message, that authentication currently needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R.

In specific implementation, as shown in FIG. 5, when the first request message sent by the UE includes only the IMSI of the UE, after the receiving module 10 receives the first request message that is sent to the UE-R by the UE for accessing the network by using the UE-R and includes the IMSI of the UE, the sending module 20 of the UE-R may send the second request message to the control network element according to the first request message sent by the UE. Specifically, the message type of the second request message sent by the sending module 20 and the message type of the first request message may be the same or different, which may be specifically set according to an actual scenario requirement for authenticating on the UE. In specific implementation, as shown in FIG. 5, when the first request message received by the receiving module 10 of the UE-R includes only the IMSI of the UE, the sending module 20 of the UE-R may directly add the IMSI of the UE in the first request message to the second request message, and send the second request message that includes the IMSI of the UE to the control network element, that is, in the foregoing implementation manner, the second request message sent by the sending module 20 of the UE-R to the control network element includes the IMSI of the UE, and does not include the identification information Indication for authenticating on the UE. In the foregoing implementation manner, after the sending module 20 of the UE-R sends the second request message that includes only the IMSI of the UE to the control network element on the network side, the control network element cannot acquire the Indication directly from the second request message because there is no Indication in the second request message. In this case, the control network element may determine, according to the message type of the second request message, whether the request is an authentication request sent by the UE when the UE accesses the network by using the UE-R or an authentication request sent by the UE-R when the UE-R accesses the network. Specifically, the control network element may perform matching between the message type of the received second request message sent by the sending module 20 and a prestored specified message type, and determine whether the message type of the second request message belongs to the specified message type. If it is determined that the message type of the second request message is the specified message type, the sending module 20 of the control network element may send the corresponding user authentication data request message to the HSS, and may further inform the HSS, by using the user authentication data request message, whether the UE accesses the network or the UE-R accesses the network. That is, the control network element determines, according to determining of the message type of the second request message, whether a message type of the currently received second request message is the specified message type, so as to determine content included in the user authentication data request message sent to the HSS. That is, it may be determined that authentication needs to be performed on the UE that accesses the network by using the UE-R, but not on the UE-R.

In some feasible implementation manners, after receiving the second request message sent by the sending module 20 of the UE-R, the network side may compute, according to the second request message, an authentication vector used for performing authentication on the UE. In specific implementation, as shown in FIG. 3 or FIG. 4, when the second request message that is sent by the sending module 20 of the UE-R and received by the control network element on the network side includes the identification information Indication, it may be determined that the second request message is a request that is sent by the UE for accessing the network by using the UE-R, but not a request for accessing the network by the UE-R, that is, when it is determined that the second request message includes the Indication, the network side may compute the authentication vector used for performing authentication on the UE. Specifically, when it is determined that the second request message includes the Indication, the network side may set authentication identification information (that is, authentication identification information for authenticating on the UE) in the authentication vector used for performing authentication on the UE, where the authentication identification information is used to indicate that the authentication vector is for authenticating on the UE, and send the authentication vector that includes the authentication identification information to the UE-R by using an authentication request message. When setting the authentication identification information for authenticating on the UE, the network side may set, in an AMF parameter in the authentication vector, the authentication identification information for authenticating on the UE. For example, the Xth bit of an AMF parameter may be set to 1 in an AUTN parameter in the authentication vector, where 1≤X≤7, that is, the Xth bit of the AMF parameter may be any one of seven idle bits of the AMF parameter. The network side sets the flag bit, and sends an authentication vector that includes the flag bit to the UE-R, and the UE-R then may determine, according to the flag bit, that the received authentication vector is used for authenticating on the UE but not for authenticating on the UE-R.

In specific implementation, when the second request message received by the network side does not include the identification information Indication, the network side may further determine, according to the message type of the second request message, that the second request message is a request message that is sent by the UE for accessing the network by using the UE-R, but not a request message that is sent by the UE-R for accessing the network. When it is determined that the received second request message is a request message that is sent by the UE for accessing the network by using the UE-R, the network side may compute the authentication vector used for performing authentication on the UE, set, in the authentication vector, the authentication identification information for authenticating on the UE, and further, send authentication vector parameters RAND and AUTN that include the identification information for authenticating on the UE to the UE-R.

In some feasible implementation manners, the authentication request message that is sent by the control network element and received by the receiving module 10 includes authentication identification information that is for authenticating on the UE and is set by the HSS according to the identification information for authenticating on the UE; and

-   the determining module 30 is specifically configured to:
-   determine whether the authentication request message includes the authentication identification information; and
-   if the authentication request message includes the authentication identification information, determine that the authentication request message is for authenticating on the UE.

In some feasible implementation manners, after the receiving module 10 of the UE-R receives the authentication request message sent by the control network element on the network side, the determining module 30 may determine, according to various parameter information of the authentication vector included in the authentication request message received by the receiving module 10, whether the authentication request message is for authenticating on the UE. If the determining module 30 determines that the authentication request message is for authenticating on the UE, the sending module 20 of the UE-R sends the authentication request message to the UE. In specific implementation, when the receiving module 10 of the UE-R receives the authentication request message sent by the control network element, the determining module 30 of the UE-R may determine whether the authentication request message includes the authentication identification information for authenticating on the UE. For example, the determining module 30 of the UE-R may determine whether the Xth bit of the AMF parameter of the authentication vector in the authentication request message is 1. If it is determined that the Xth bit of the AMF in the authentication vector is 1, the determining module 30 determines that the authentication request message is for authenticating on the UE. Specifically, as shown in FIG. 10, the determining module 30 of the UE-R may further determine whether the authentication request message includes identification information Indication 2. If there is the identification information Indication 2, it is determined that the authentication request message is for authenticating on the UE. Then, the sending module 20 may send the authentication request message to the UE, and send parameters such as the AUTN and the RAND in the authentication vector to the UE, so as to be verified by the UE.

In some feasible implementation manners, when sending the authentication request message to the UE, the sending module 20 of the UE-R may send, to the UE, the authentication vector received from the network side. After receiving the authentication vector parameters RAND and AUTN that are sent by the UE-R, the UE may perform verification on the parameters RAND and AUTN in the authentication vector, to verify correctness of the AUTN parameter. After it is verified that the AUTN is correct, the UE may compute a RES parameter, and send, to the UE-R, the RES parameter obtained by computing. After receiving the authentication response (including the RES parameter) sent by the UE, the UE-R may send the authentication response to the control network element on the network side, so as to complete authentication on the UE by using the control network element.

In this embodiment of the present invention, a UE-R may receive a request message sent by UE, send an authentication request message to a network side according to the request message sent by the UE, and acquire, from the network side, an authentication vector that includes authentication identification information for authenticating on the UE. The UE-R may determine, according to an authentication request message sent by the network side, whether to perform authentication on the UE or the UE-R, and further send the authentication request message to the UE, so as to complete authentication on the UE. Operations are simple, costs of a terminal are low, and efficiency in authenticating the UE and user experience are improved.

Referring to FIG. 16, FIG. 16 is a schematic structural diagram of an embodiment of a terminal authentication server according to an embodiment of the present invention. The server described in this embodiment includes:

-   a receiving module 40, configured to receive an authentication data request message sent by a control network element;
-   a determining module 50, configured to determine, according to the authentication data request message received by the receiving module, whether the authentication data request message includes identification information for authenticating on UE;
-   a processing module 60, configured to: when a result of the determining by the determining module 50 is yes, set, in an authentication vector, authentication identification information for authenticating on the UE; and
-   a sending module 70, configured to send, to the control network element, the authentication vector obtained by processing by the processing module, so as to send the authentication identification information to a UE-R by using the control network element, so that the UE-R determines, according to the authentication identification information, whether to perform authentication on the UE.

In some feasible implementation manners, the authentication vector obtained by processing by the processing module 60 includes a RAND parameter, an AUTN parameter, an XRES parameter, and a Kasme parameter; and

the processing module 60 is specifically configured to:

set the authentication identification information in an AMF parameter in the AUTN parameter in the authentication vector.

In specific implementation, the HSS described in the embodiments of the present invention is the terminal authentication server described in this embodiment of the present invention.

In some feasible implementation manners, after the receiving module 40 of the HSS on a network side receives the authentication data request message sent by the control network element, the determining module 50 may determine whether the authentication data request message includes the identification information for authenticating on the UE, where the identification information for authenticating on the UE may specifically be an Indication carried in a first request message sent by the UE to a UE-R, and the UE-R adds, to a second request message, the Indication carried in the first request message, further sends the second request message to the control network element, and sends the second request message to the HSS by using the control network element. Alternatively, the identification information for authenticating on the UE may be an Indication added when the UE-R sends the second request message to the control network element according to the first request message. After adding the Indication to the second request message, the UE-R sends the second request message to the control network element, and the control network element may send, to the HSS, the Indication carried in the second request message; the identification information for authenticating on the UE may also be an Indication selected by the control network element. As shown in FIG. 3, FIG. 4, or FIG. 5, after the receiving module 40 of the HSS receives the authentication data request message sent by the control network element, the determining module 50 may determine whether the authentication data request message includes the identification information for authenticating on the UE, that is, whether there is the Indication in the authentication data request message. If it is determined that the authentication data request message includes the Indication, the determining module 50 may determine that an authentication object of the authentication data request message is the UE. In specific implementation, when the determining module 50 of the HSS determines that the authentication object corresponding to the authentication data request message is the UE, the processing module 60 may compute an authentication vector message corresponding to the authentication data request message, that is, an authentication vector message for authenticating on the UE, and may set, in the authentication vector message, the authentication identification information for authenticating on the UE. Specifically, the authentication vector message obtained by processing by the processing module 60 may include parameters such as a RAND, an AUTN, an XRES, and a Kasme. When determining the parameters in the authentication vector for authenticating on the UE, the processing module 60 of the HSS may set, in an AMF parameter in the AUTN parameter, authentication identification information for authenticating on the UE, where the authentication identification information is used to indicate that the authentication vector is for authenticating on the UE. As shown in FIG. 3, FIG. 4, or FIG. 5, the processing module 60 may set the Xth bit of the AMF parameter as a flag bit used for authenticating on the UE. For example, the Xth bit of the AMF parameter is set to 1, which is used as the authentication identification information for authenticating on the UE, where the Xth bit of the AMF parameter is any one of seven idle bits of the AMF parameter, that is, 1≤X≤7.

In some feasible implementation manners, after the processing module 60of the HSS determines the authentication vector message forauthenticating on the UE, and sets the authentication identificationinformation for authenticating on the UE, the sending module 70 maysend, to the control network element by using an authentication responsemessage, the authentication vector that includes the authenticationidentification information for authenticating on the UE, so as to send,by using the control network element, the authentication vector to theUE-R by using an authentication request message. After receiving theauthentication request message sent by the control network element, theUE-R may determine, according to the authentication identificationinformation that is for authenticating on the UE and is in theauthentication vector included in the authentication request message,that the authentication vector is for authenticating on the UE, but notfor authenticating on the UE-R, and may further send a correspondingauthentication parameter in the authentication vector to the UE, so asto implement authentication on the UE.

In some feasible implementation manners, the authentication vectorobtained by processing by the processing module 60 includes a RANDparameter, an AUTN parameter, an XRES parameter, and a Kasme parameter;and

-   the processing module 60 is further specifically configured to:
    -   encrypt the RAND parameter in the authentication vector; and
    -   set the authentication identification information in an AMF
        parameter in the AUTN parameter in the authentication vector.

In some feasible implementation manners, as shown in FIG. 7 or FIG. 8, after the receiving module 40 of the HSS receives the authentication data request message sent by the control network element, if the determining module 50 determines that the authentication data request message includes the identification information for authenticating on the UE, that is, there is the Indication in the authentication data request message, the processing module 60 may compute the authentication vector for authenticating on the UE, and set the Xth bit of the AMF parameter in the AUTN parameter of the authentication vector, so as to set the authentication identification information for authenticating on the UE. In addition, as shown in FIG. 9, after the HSS receives the authentication data request message sent by the control network element, if it is determined that the authentication data request message includes the identification information for authenticating on the UE, that is, there is the Indication in the authentication data request message, the processing module 60 of the HSS may further encrypt the RAND parameter in the authentication vector, and use the Xth bit of the AMF parameter as a flag bit indicating that the RAND parameter is encrypted. Setting the Xth bit of the AMF to 1 then serves as identification information indicating that the RAND parameter has been encrypted to obtain an encrypted RAND parameter (RAND*). That is, the processing module 60 may define that the Xth bit of the AMF parameter being 1 means both that the RAND parameter is encrypted and that the authentication identification information for authenticating on the UE has been added to the authentication vector. When the UE-R receives the authentication vector, if it is determined that the Xth bit of the AMF parameter in the authentication vector is 1, it may be determined that the authentication vector is an authentication vector for authenticating on the UE. The UE-R may send an authentication request to the UE, and send the RAND* parameter and the AUTN parameter in the authentication vector to the UE. After receiving the parameter information of the authentication vector, if it is determined that the Xth bit of the AMF parameter in the AUTN parameter is 1, the UE may decrypt the RAND* parameter and then perform verification on the AUTN. That is, when computing the authentication vector for authenticating on the UE, the HSS may set, by using a setting method, the authentication identification information for authenticating on the UE, and may at the same time protect the RAND parameter in the authentication vector by using an encryption method, which can improve efficiency in authenticating the UE and the user experience.

In some feasible implementation manners, if the authentication data request message that is sent by the control network element and received by the receiving module 40 of the HSS does not include the identification information for authenticating on the UE, that is, does not include the Indication, as shown in FIG. 10 or FIG. 11, the processing module 60 of the HSS may compute the authentication vector for authenticating on the UE according to the method for performing authentication on the UE-R, without performing any setting or encryption on the authentication vector, and directly sends, by using the sending module 70 to the control network element, an authentication data response message that includes the authentication vector, so that the control network element processes the authentication data response message and sends the authentication request message to the UE-R. The UE-R may then determine, according to the authentication vector processed by the control network element, whether the authentication request message is for authenticating on the UE or for authenticating on the UE-R.

In this embodiment of the present invention, after receiving anauthentication data request sent by a control network element, the HSSdescribed in this embodiment of the present invention may compute,according to the received authentication data request, an authenticationvector for authenticating on UE, and may further set a parameter in theauthentication vector so as to identify a message, or encrypt aparameter in the authentication vector to protect the parameter. A UE-Rmay determine, by using the authentication vector sent by the HSS,whether the authentication vector is for authenticating on the UE or forauthenticating on the UE-R, which can improve efficiency inauthenticating the UE and user experience and reduce complexity andcosts of terminals such as the UE-R and the HSS.

Referring to FIG. 17, FIG. 17 is a schematic structural diagram of anembodiment of terminal authentication user equipment according to anembodiment of the present invention. The user equipment described inthis embodiment includes:

-   a sending module 100, configured to send a first request message to
    a UE-R, so that the UE-R sends a second request message to a control
    network element according to the first request message;
-   a receiving module 200, configured to receive an authentication
    request message sent by the UE-R, where the authentication request
    message carries authentication identification information for
    authenticating on the UE; and
-   a processing module 300, configured to decrypt encrypted information
    in the authentication identification information, and compute an
    authentication response according to information obtained by the
    decryption.

In some feasible implementation manners, the first request message sentby the sending module 100 includes the identification information forauthenticating on the UE.

In specific implementation, the UE described in the embodiments of thepresent invention is the terminal authentication user equipmentdescribed in this embodiment of the present invention.

In some feasible implementation manners, when the UE is not covered byan EPC network signal, but the UE-R is covered by an EPC network signal,the UE may access a network by using the UE-R, and further may implementshort-distance communication with another UE.

In specific implementation, when the UE accesses the network by usingthe UE-R, the network needs to perform verification on the UE, and theUE can be allowed to access the network only after the verificationsucceeds. Specifically, when a network side performs authentication onthe UE, the sending module 100 of the UE may send a request message tothe UE-R, that is, the UE may send the first request message to theUE-R, where the first request message may include identificationinformation (that is, Indication) for authenticating on the UE, as shownin FIG. 3. After the sending module 100 of the UE sends the requestmessage to the UE-R, the UE-R may send a request message to a controlnetwork element on the network side according to the request messagesent by the UE, so as to send the identification information (forexample, the Indication) of the UE to an HSS on the network side, sothat the HSS sets an authentication vector for authenticating on the UE.

In some feasible implementation manners, after receiving an authentication data request message sent by the control network element, when it is determined that the authentication data request message is a request that is sent by the UE for accessing the network by using the UE-R, the HSS may compute the authentication vector for authenticating on the UE, identify, by using a method for setting a parameter in the authentication vector, that the authentication vector is for authenticating on the UE, and further send, by using the control network element to the UE-R, the authentication request message that includes the authentication identification information for authenticating on the UE. After receiving the request message sent by the control network element, if it is determined that the authentication request message is for authenticating on the UE, the UE-R may send an authentication request message to the UE. After the receiving module 200 of the UE receives the authentication request message sent by the UE-R, the UE may obtain its authentication response according to the authentication request message. In specific implementation, the authentication request that is sent by the UE-R to the UE and received by the receiving module 200 of the UE may include an authentication parameter requested by the UE-R from the HSS according to the first request message sent by the UE, that is, an authentication parameter included in the authentication vector that is for authenticating on the UE and is set by the HSS according to the authentication data request sent by the control network element. As shown in FIG. 3, after the receiving module 200 of the UE receives the authentication request message sent by the UE-R, the processing module 300 may verify the correctness of the AUTN parameter in the authentication request, and compute a RES parameter after it is verified that the AUTN is correct. Where the authentication request message carries the authentication identification information, the UE may perform verification on the authentication identification information and compute the authentication response according to it. After computing the RES parameter from the authentication parameter, the processing module 300 of the UE may use the RES parameter as the authentication response of the UE, and send the RES parameter to the UE-R by using the sending module 100, so that the UE-R forwards the authentication response to the control network element and the control network element completes authentication on the UE.

In some feasible implementation manners, when an authenticationparameter in the authentication identification information included inthe authentication request message received from the UE-R by thereceiving module 200 of the UE includes encrypted information, as shownin FIG. 7, after the receiving module 200 receives the authenticationrequest message sent by the UE-R, the processing module 300 maydetermine and parse the authentication identification information in theauthentication request message, and determine whether the Xth bit of theAMF parameter in the AUTN parameter in the authentication identificationinformation is 1. If it is determined that the Xth bit of the AMFparameter is 1, the processing module 300 may decrypt the encryptedinformation (RAND* parameter) in the authentication parameter to learn aplaintext RAND parameter, perform verification on the AUTN parameter inthe authentication parameter, and further obtain an authenticationresponse by computing according to information such as the plaintextRAND parameter obtained by the decryption and the authenticationparameter in the authentication identification information.Specifically, after the processing module 300 of the UE decrypts theencrypted information (RAND*) to obtain the plaintext RAND parameter,and learns, by performing verification on the AUTN parameter, that theAUTN parameter is correct, the processing module 300 of the UE maycompute the RES parameter, and use the RES parameter as theauthentication response of the UE and send the RES parameter to the UE-Rby using the sending module 100.

When accessing a network by using a UE-R, the UE described in thisembodiment of the present invention may send a request message to theUE-R, acquire, by using the UE-R, information such as an authenticationparameter in an authentication vector sent by a network side, afterverifying correctness of the authentication parameter sent by the UE-R,compute a RES parameter, and then send the RES parameter to the networkside by using the UE-R so as to complete authentication on the UE. Whenthe authentication parameter that is sent by the network side andreceived by the UE described in this embodiment of the present inventionincludes encrypted information, the UE may further decrypt the encryptedinformation to obtain a plaintext when it is determined that thereceived parameter includes the encrypted information, then performverification on another parameter, and further compute an authenticationresponse according to the plaintext obtained by decryption and theauthentication parameter, which can improve security of authenticationon the UE. In addition, neither the UE nor the UE-R needs to support anew protocol. Operations are simple, and complexity and costs ofterminals such as the UE and the UE-R are reduced.
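The flow described in the HSS section above (bit X of the AMF as the "this vector is for the UE" flag, with RAND sent as RAND*) and in the UE section (check the flag, decrypt RAND*, verify AUTN, compute RES), carried through to the MME's RES/XRES comparison, as an added worked example. It is not code from the patent, from 3GPP, or from any vendor implementation. Assumptions, none of which the page specifies: HMAC-SHA256 stands in for the MILENAGE functions f1/f2/f5 so the example runs on the Python standard library; X = 3; the RAND* keystream is derived from K and the AUTN (the page names no cipher); K, SQN and RAND are constructed test values; AMF bits are numbered with bit 0 as the most significant bit, as 3GPP numbers them. The example also shows the check a practitioner would want here: because the AMF is an input to the MAC carried in AUTN, a relay that flips bit X to redirect a challenge is caught by the UE's MAC verification.

```python
import hashlib
import hmac
import os

# Constructed long-term key shared by the USIM and the HSS (test value, not from the page).
K_UE = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
# Flag bit in the 16-bit AMF. The page allows any idle bit with 1 <= X <= 7; X = 3 is an assumption.
# Bits are numbered as 3GPP numbers them, bit 0 (the separation bit) being the most significant.
X = 3

def _prf(key, label, *parts):
    """Stand-in for the MILENAGE functions so the example runs on the standard library.
    HMAC-SHA256 with a per-function label; this is NOT the 3GPP algorithm set."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

def f1(k, sqn, rand, amf):  # MAC-A over SQN, RAND and AMF: the flag bit is integrity-protected
    return _prf(k, b"f1", sqn, rand, amf)[:8]

def f2(k, rand):  # RES at the UE, XRES at the HSS
    return _prf(k, b"f2", rand)[:8]

def f5(k, rand):  # AK, conceals SQN inside AUTN
    return _prf(k, b"f5", rand)[:6]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def amf_bit(amf, bit):
    return (int.from_bytes(amf, "big") >> (15 - bit)) & 1

def with_amf_bit(amf, bit):
    return (int.from_bytes(amf, "big") | (1 << (15 - bit))).to_bytes(2, "big")

def rand_keystream(k, autn):
    """Keystream for RAND* (assumed construction; the page names no cipher). Keyed by K and
    bound to this AUTN, so every vector gets a fresh stream and the UE can derive it before
    it knows RAND."""
    return _prf(k, b"RAND*", autn)[:16]

def hss_generate_av(k, sqn, for_ue, rand=None):
    """HSS: build (RAND or RAND*, AUTN, XRES). for_ue is True when the authentication data
    request carried the Indication; then bit X of the AMF is set and RAND is encrypted
    (the FIG. 9 variant, where one bit marks both)."""
    rand = rand if rand is not None else os.urandom(16)
    amf = b"\x80\x00"                            # separation bit set, idle bits clear
    if for_ue:
        amf = with_amf_bit(amf, X)
    mac = f1(k, sqn, rand, amf)
    autn = xor(sqn, f5(k, rand)) + amf + mac     # SQN xor AK || AMF || MAC = 6 + 2 + 8 bytes
    rand_field = xor(rand, rand_keystream(k, autn)) if for_ue else rand
    return {"RAND": rand_field, "AUTN": autn, "XRES": f2(k, rand)}

def relay_route(auth_req):
    """UE-R: the AMF sits at AUTN[6:8]; bit X set means the challenge is for the UE,
    otherwise the UE-R answers it itself."""
    return "UE" if amf_bit(auth_req["AUTN"][6:8], X) else "UE-R"

def ue_respond(k, rand_field, autn, last_sqn):
    """UE: decrypt RAND* when bit X is set, verify the MAC in AUTN, check SQN freshness,
    then compute RES. Returns (RES, SQN), or (None, reason) on failure."""
    amf, mac = autn[6:8], autn[8:16]
    rand = xor(rand_field, rand_keystream(k, autn)) if amf_bit(amf, X) else rand_field
    sqn = xor(autn[:6], f5(k, rand))
    if not hmac.compare_digest(f1(k, sqn, rand, amf), mac):
        return None, "MAC failure"
    if int.from_bytes(sqn, "big") <= int.from_bytes(last_sqn, "big"):
        return None, "SQN not fresh"             # replayed vector
    return f2(k, rand), sqn

def mme_check(av, res):
    """MME: compare RES with the XRES kept from the HSS vector, in constant time."""
    return res is not None and hmac.compare_digest(av["XRES"], res)

def run_flow(for_ue, tamper_flag=False):
    """End-to-end HSS -> MME -> UE-R -> UE -> MME with constructed RAND and SQN values."""
    rand = bytes.fromhex("23553cbe9637a89d218ae64dae47bf35")
    av = hss_generate_av(K_UE, bytes.fromhex("000000000001"), for_ue, rand)
    auth_req = dict(av)
    if tamper_flag:  # a relay flipping the flag bit to redirect a UE-R challenge to the UE
        autn = bytearray(auth_req["AUTN"])
        autn[6:8] = with_amf_bit(bytes(autn[6:8]), X)
        auth_req["AUTN"] = bytes(autn)
    route = relay_route(auth_req)
    if route != "UE":
        return {"route": route, "authenticated": False, "reason": "kept by UE-R"}
    res, info = ue_respond(K_UE, auth_req["RAND"], auth_req["AUTN"], bytes(6))
    ok = mme_check(av, res)
    return {"route": route, "authenticated": ok, "reason": None if ok else info}
```

Two points the code makes that the text leaves implicit: the UE must decrypt RAND* before it can recover AK and SQN, so the flag check has to precede AUTN verification; and since the UE-R only ever sees RAND* for vectors marked for the UE, it cannot compute RES for them even though it relays them, which is the protection the RAND encryption is meant to give.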

Referring to FIG. 18, FIG. 18 is a schematic structural diagram of anembodiment of a terminal authentication control device according to anembodiment of the present invention. The control device described inthis embodiment includes:

-   a receiving module 400, configured to receive a second request
    message sent by a UE-R;
-   a processing module 500, configured to determine, according to the
    second request message received by the receiving module, whether the
    second request message includes identification information for
    authenticating on UE; and
-   a sending module 600, configured to, when a result of the determining
    by the processing module is yes, send an authentication data request
    message to an HSS, where the authentication data request message
    carries the identification information for authenticating on the UE;
    where the receiving module 400 is further configured to acquire, from
    the HSS, an authentication vector determined by the HSS according to
    the authentication data request message; and
-   the sending module 600 is further configured to send, to the UE-R,
    an authentication request message that includes information about
    the authentication vector and is received by the receiving module,
    so that the UE-R determines whether the authentication request
    message is for authenticating on the UE.

In some feasible implementation manners, the control device (as shown inFIG. 19) further includes:

-   a determining module 700, configured to determine, according to the    second request message received by the receiving module, whether the    second request message is of a specified message type; and if the    second request message is of the specified message type, instruct    the sending module to send the authentication data request message    to the HSS.

In specific implementation, the terminal authentication control device provided in this embodiment of the present invention may be the MME described in the embodiments of the present invention, or may be a function control network element in a ProSe service; that is, the control network element described in the embodiments of the present invention is the terminal authentication control device provided in this embodiment of the present invention. The following detailed description uses the MME as the terminal authentication control device provided in this embodiment of the present invention.

In some feasible implementation manners, the second request messagereceived by the receiving module 400 of the MME from the UE-R mayinclude an identity (an IMSI) of the UE and the identificationinformation (that is, an Indication) for authenticating on the UE. Asshown in FIG. 3, when the second request message received by thereceiving module 400 from the UE-R includes the Indication, theprocessing module 500 may send the authentication data request messageto the HSS according to the IMSI and the Indication.

In some feasible implementation manners, when the second request messagereceived by the receiving module 400 from the UE-R includes the identity(the IMSI) of the UE and a message type of the second request message,the determining module 700 may perform matching between the message typeof the second request message and a specified message type, anddetermine whether the second request message is of the specified messagetype. If the message type of the second request message is the specifiedmessage type, the control network element may send the authenticationdata request message to the HSS. After the determining module 700determines that the message type of the second request message is thespecified message type, the sending module 600 may add theidentification information for authenticating on the UE to theauthentication data request message, as shown in FIG. 5 and FIG. 9. Theidentification information for authenticating on the UE may beidentification information (an Indication) that is for authenticating onthe UE and is carried in the second request message, or identificationinformation (an Indication) added to the authentication data requestmessage by the control network element after it is determined that themessage type of the second request message is the specified messagetype. The Indication carried in the second request message and theIndication added to the authentication data request message by thecontrol network element may be a same Indication or may be differentIndications, but both may be used to identify that the authenticationdata request message is an authentication data request message that issent by using the control network element by the UE for accessing anetwork by using the UE-R.

In some feasible implementation manners, the sending module 600 isspecifically configured to:

-   add the identification information for authenticating on the UE to    the authentication data request message, and send the authentication    data request message to the HSS.

In some feasible implementation manners, as shown in FIG. 3, when the second request message received by the receiving module 400 from the UE-R includes the Indication (identification information for authenticating on the UE), and it is determined that the second request message includes the Indication, the processing module 500 may send the authentication data request message to the HSS. Alternatively, as shown in FIG. 5 and FIG. 9, after the determining module 700 determines, according to the received second request message, that the message type of the second request message is the specified message type, the sending module 600 may add, to the authentication data request message, the identification information Indication for authenticating on the UE, send the authentication data request message that includes the IMSI and the Indication of the UE to the HSS, and acquire, from the HSS by using the receiving module 400, the authentication vector that is set by the HSS and includes the authentication identification information for authenticating on the UE. After the receiving module 400 acquires, from the HSS, the authentication vector for authenticating on the UE, the sending module 600 may send the authentication request message that carries the vector to the UE-R, so that the UE-R forwards the authentication request message for authenticating on the UE to the UE.

In some feasible implementation manners, the sending module 600 isspecifically configured to:

add the identification information for authenticating on the UE to theauthentication request message that includes the authentication vector,and send the authentication request message to the UE-R.

In some feasible implementation manners, as shown in FIG. 10, when the second request message received by the receiving module 400 from the UE-R includes an Indication 1 (identification information for authenticating on the UE), after it is determined, according to the second request message, that the second request message includes the identification information Indication 1 for authenticating on the UE, the processing module 500 may send, by using the sending module 600 to the HSS, an authentication data request message that includes the IMSI of the UE but does not include the identification information Indication 1 for authenticating on the UE. After receiving the authentication data request message that includes only the IMSI of the UE, the HSS directly computes an authentication vector in the same manner as when computing an authentication vector for authentication on the UE-R; that is, in this case, the HSS cannot differentiate between authentication on the UE and authentication on the UE-R, and therefore cannot mark the computed authentication vector with authentication identification information, and does not perform encryption protection on the authentication vector either, but directly sends the computed authentication vector to the control network element. After the receiving module 400 of the MME receives the authentication vector sent by the HSS, in order that the UE-R can identify that the authentication vector message sent by the control network element is for authenticating on the UE and not for authenticating on the UE-R, the processing module 500 of the MME may add identification information (an Indication 2) to the authentication vector that is set by the HSS and received by the receiving module 400, and send, by using the sending module 600 to the UE-R, an authentication request message that includes the identification information Indication 2. The identification information Indication 2 indicates that the authentication request message is an authentication request message for authenticating on the UE. Specifically, the Indication 2 may be a new field added to the authentication request message, or may be an idle field in the authentication request message. The Indication 2 may be new identification information selected by the MME, or may be identification information included in the request message sent by the UE to the UE-R, or may be identification information included in the request message sent by the UE-R to the MME, or may be identification information included in the authentication data request message sent by the MME to the HSS. In specific implementation, as shown in FIG. 14, when the second request message received by the receiving module 400 of the MME from the UE-R includes only the IMSI of the UE, and does not include the identification information Indication (or the Indication 1) for authenticating on the UE, the processing module 500 may determine, according to the message type of the second request message, whether the message type of the second request message is the specified message type. After the processing module 500 determines that the second request message includes the identification information (which may specifically be the Indication in FIG. 3 or the Indication 1 in FIG. 10) for authenticating on the UE, or that the message type of the second request message is the specified message type, the sending module 600 may send the authentication data request message to the HSS, where the authentication data request message does not include the identification information for authenticating on the UE. After receiving the authentication data request message that includes only the IMSI of the UE (that is, the identification information for authenticating on the UE is not included), the HSS may directly compute an authentication vector in the same manner as when computing an authentication vector for authentication on the UE-R, and send the computed authentication vector to the MME. After the receiving module 400 of the MME receives an authentication response message that is sent by the HSS and includes the authentication vector, and before the sending module 600 sends the authentication vector to the UE-R by using the authentication request message, the processing module 500 may add the identification information (for example, the Indication 2) for authenticating on the UE to the authentication request message, and send, to the UE-R by using the sending module 600, the authentication vector together with the identification information Indication 2. As shown in FIG. 14, after the receiving module 400 receives the authentication vector message sent by the HSS, the processing module 500 may add the identification information (the Indication 2) to the authentication request message carrying the vector set by the HSS, and send, to the UE-R by using the sending module 600, the authentication request message that includes the Indication 2 and the authentication vector (a RAND and an AUTN) that is set by the HSS. Specifically, the sending module 600 may send the authentication request message that includes the Indication 2, the AUTN, and the RAND to the UE-R, so as to inform the UE-R, by using the Indication 2, that the authentication request message is a request message for authenticating on the UE.

In some feasible implementation manners, after the sending module 600 ofthe MME sends the authentication request message for authenticating onthe UE to the UE-R, the UE-R may send, according to the authenticationrequest message, an authentication request message to the UE, and send,to the UE, the information such as the RAND and AUTN set by the HSS. TheUE may perform verification on an authentication parameter included inthe authentication vector in the authentication request message, computea parameter RES, and further send the RES parameter to the UE-R by usingan authentication response. After receiving the authentication responsemessage sent by the UE, the UE-R may send the authentication responsemessage that includes the RES parameter to the MME. After receiving theauthentication response message, the MME may compare the RES parameterin the authentication response message with a prestored XRES in theauthentication vector sent by the HSS, to determine whether the RES andthe XRES are consistent. If a result of the determining is yes, it maybe determined that the UE is UE that is allowed to access a network,that is, authentication on the UE may be completed by using theauthentication request of the UE.

The control network element (the MME) described in this embodiment ofthe present invention may determine, according to a second requestmessage sent by a UE-R, whether the second request message includesidentification information for authenticating on UE or whether a messagetype of the second request message is a specified message type, when thesecond request message includes the identification information forauthenticating on the UE or the message type of the second requestmessage is the specified message type, send an authentication datarequest message to an HSS, acquire, from the HSS, authenticationidentification information such as an authentication vector forauthenticating on the UE, and further send an authentication requestmessage that includes the authentication identification information tothe UE-R, so as to send the authentication identification information tothe UE by using the UE-R. The MME in this embodiment of the presentinvention may send the authentication data request message that includesidentification information for authenticating on the UE to the HSS, orsend the authentication request message that includes the authenticationidentification information to the UE-R, which can improve efficiency inauthenticating the UE, reduce complexity and costs of terminals such asthe UE-R and the UE, and improve user experience of authentication onthe UE.

Referring to FIG. 20, FIG. 20 is a schematic structural diagram of anembodiment of a terminal authentication system according to anembodiment of the present invention. The terminal authentication systemdescribed in this embodiment includes: the foregoing terminalauthentication user equipment 1000 provided in the embodiments of thepresent invention, the foregoing terminal authentication relay device2000 provided in the embodiments of the present invention, the foregoingterminal authentication control device 3000 provided in the embodimentsof the present invention, and the foregoing terminal authenticationserver 4000 provided in the embodiments of the present invention.

In specific implementation, for a specific implementation process of theforegoing terminal authentication system provided in the presentinvention, refer to a specific implementation process of the foregoingterminal authenticating method or apparatus (including the UE, the UE-R,the MME, and the HSS) provided in the embodiments of the presentinvention, and details are not described herein again.

A person of ordinary skill in the art may understand that all or some ofthe processes of the methods in the embodiments may be implemented by acomputer program instructing relevant hardware. The program may bestored in a computer-readable storage medium. When the program runs, theprocesses of the methods in the embodiments are performed. The foregoingstorage medium may include: a magnetic disk, an optical disc, aread-only memory (Read-Only Memory, ROM), a random access memory (RandomAccess Memory, RAM), or the like.

What is disclosed above is merely exemplary embodiments of the presentinvention, and certainly is not intended to limit the protection scopeof the present invention. Therefore, equivalent variations made inaccordance with the claims of the present invention shall fall withinthe scope of the present invention.

What is claimed is:
 1. A terminal authenticating method comprising: receiving, by a UE-to-network relay (UE-R), a first request message sent by user equipment (UE); sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE; receiving, by the UE-R, an authentication request message sent by the control network element; determining whether the authentication request message is for authenticating on the UE; and sending, by the UE-R, an authentication request message to the UE when the authentication request message sent by the control network element is for authenticating on the UE.
 2. The method according to claim 1, wherein the first request message sent by the UE comprises the identification information for authenticating on the UE; and wherein sending, by the UE-R, the second request message to the control network element according to the first request message sent by the UE comprises: adding, by the UE-R to the second request message, the identification information for authenticating on the UE that is carried in the first request message, and sending the second request message to the control network element.
 3. The method according to claim 1, wherein the first request message sent by the UE does not comprise the identification information for authenticating on the UE; and wherein sending, by the UE-R, the second request message to the control network element according to the first request message sent by the UE comprises: adding, by the UE-R, the identification information for authenticating on the UE to the second request message, and sending the second request message to the control network element.
 4. The method according to claim 1, wherein the authentication request message sent by the control network element comprises authentication identification information that is for authenticating on the UE and is set by a home subscriber server (HSS) according to the identification information for authenticating on the UE; and wherein determining whether the authentication request message is for authenticating on the UE comprises: determining whether the authentication request message comprises the authentication identification information; and determining that the authentication request message is for authenticating on the UE when the authentication request message comprises the authentication identification information.
 5. A terminal authenticating method comprising: receiving, by a control network element, a second request message sent by a UE-to-network relay (UE-R), and determining whether the second request message comprises identification information for authenticating on a UE; sending, by the control network element, an authentication data request message to a home subscriber server (HSS) when the second request message comprises the identification information for authenticating on the UE, wherein the authentication data request message carries the identification information for authenticating on the UE; acquiring, by the control network element, from the HSS, an authentication vector determined by the HSS according to the authentication data request message; and sending, by the control network element, an authentication request message that comprises information about the authentication vector to the UE-R, so that the UE-R determines whether the authentication request message is for authenticating on the UE.
 6. The method according to claim 5, wherein after receiving, by the control network element, the second request message sent by the UE-R, the method further comprises: determining whether the second request message is of a specified message type; and sending, by the control network element, the authentication data request message to the HSS in response to the second request message being of the specified message type.
 7. The method according to claim 5, wherein before sending, by the control network element, the authentication data request message to the HSS, the method further comprises: adding, by the control network element, an identification information for authenticating on the UE to the authentication data request message.
 8. The method according to claim 5, wherein before sending, by the control network element, the authentication request message comprising information about the authentication vector to the UE-R, the method further comprises: adding, by the control network element, the identification information for authenticating on the UE to the authentication request message.
 9. A terminal authentication relay device comprising: a receiving module configured to receive a first request message sent by a UE; a sending module configured to send a second request message to a control network element according to the first request message sent by the UE; the receiving module is further configured to receive an authentication request message sent by the control network element; a determining module configured to determine, according to the authentication request message received by the receiving module, whether the authentication request message is for authenticating on the UE; and the sending module is further configured to send an authentication request message to the UE when a result of the determining by the determining module that the authentication request message is for authentication on the UE, wherein the authentication request message sent by the sending module comprises an authentication parameter of the UE.
 10. The relay device according to claim 9, wherein the first request message sent by the UE and received by the receiving module comprises the identification information for authenticating on the UE; and wherein the sending module is further specifically configured to: add, to the second request message, the identification information for authenticating on the UE carried in the first request message; and send the second request message to the control network element.
 11. The relay device according to claim 9, wherein the first request message sent by the UE and received by the receiving module does not comprise the identification information for authenticating on the UE; and wherein the sending module is specifically configured to: add the identification information for authenticating on the UE to the second request message, and send the second request message to the control network element.
 12. The relay device according to claim 9, wherein the authentication request message sent by the control network element and received by the receiving module comprises authentication identification information for authenticating on the UE and is set by a home subscriber server (HSS) according to the identification information for authenticating on the UE; and wherein the determining module is specifically configured to: determine whether the authentication request message comprises the authentication identification information; and determine that the authentication request message is for authenticating on the UE when the authentication request message comprises the authentication identification information.